# app/utils/auth_utils.py
from fastapi import Security, HTTPException, status
from fastapi.security.api_key import APIKeyHeader

from app.core.config import settings

# API密钥验证
API_KEY = settings.api_key
API_KEY_NAME = "X-API-Key"
api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False)


async def verify_api_key(api_key_header: str = Security(api_key_header)):
    if not API_KEY:
        # 如果未设置API_KEY，则不进行验证
        return True
    if api_key_header == API_KEY:
        return True
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid or missing API Key",
        )
